┌───────────────────────┐ │ C I P H X │ │ │ │ C I P H X │ │ │ │ C I P H X │ │ │ │ C I P H X │ │ │ │ C I P H X │ └───────────────────────┘
Federated data exchange
Maximum security
Minimum friction
Exchange realtime events and massive data streams across organizations with precision access control, end-to-end encryption and a cryptographic audit trail for every byte.
Deploy or tear down a Ciphx Exchange in seconds.
Deploy an unlimited number of Exchanges with the Ciphx ACME API.
A Ciphx Exchange instance is a unique combination of:
A Ciphx Exchange implements the most relentless, warrior-grade security specifications available.
The API has been refined for maximum usability and simplicity – without compromising security.
The Ciphx Key Agreement API facilitates universal end-to-end encryption across your applications.
Install your X509 trust anchors and cross-certificates on Ciphx services.
Our networked, OCSP and AIA-aware, depth-first search path builder supports any PKI structure.
Ciphx relies on no database for identity or access control.
Exchange configurations are immutable, encrypted atomic units that can be hosted anywhere.
Ciphx operates as an equation. It accepts a query and returns encrypted data.
Or the reverse: Ciphx accepts encrypted data, then transfers it.
Read:
f(query, context) = data
Write:
f(data, context) = transfer
Ciphx APIs are 100% standards-based. Swap any built-in Ciphx service with your custom implementation at any level.
Use Ciphx Exchange Aliases to brand any Ciphx API endpoint with a domain you control. Use CSRs, PKCS12 or ACME to securely enroll TLS certificates.
Ciphx Exchange Aliases make domain name-driven deployment tiers simple and fast.
Built-in support for PKI and OIDC/OAUTH2. Inject your trust anchors and be running in minutes.
Customize integrations with any external identity system.
Precached cross-signed certificates, networked Authority Information Access (AIA) support and certificate depth-first search allows advanced PKI structures:
Full support for MQTT version 3.1.1, QoS levels 0, 1 and 2. Ideal for realtime data streaming, with an easy publish/subscribe API.
Tunnel MQTT through Websockets to stream live data to any modern web browser. Or get wild and do the reverse – turn any web browser into a source of live data.
Enforce fine-grained Access Control for both publish and subscribe actions, based on topic filter patterns and user attributes.
Turn any web server into a fully authenticated and authorized web service in seconds. Enforce fine-grained Access Control based on path and query parts and user attributes.
Open architecture allows custom integration with any Application Layer protocol with a TCP transport.
Cryptographically-signed identity authority tree. Frequently used in security badges, password-less access keys and IoT devices.
Cryptographically-signed access tokens, with centralized database as source of truth. Common in cloud systems. Not appropriate for machine access.
Binds with organization’s existing PKI infrastructure or OIDC service.
Users and devices can authenticate and begin sharing data instantly.
Ephemeral guest accounts can be enrolled or removed in seconds.
Host organization can adopt partner’s identity authority chain.
Bridge Ciphx instances across multiple organizations.
Each organization hosts its own Ciphx instance while maintaining a sovereign identity tree.
Bridged Exchanges can share a common attributes authority to write policies against – bringing the ultimate in access control flexibility for cross-organizational data exchange.
Access Control policies can be as fine or broad as required.
Bind attributes from X509 certificate or OIDC JWT claims to policy rules.
Add third-party attributes authorities for precision access control.
Ciphx launches its self-service API in Q4. If you'd like to get started sooner, Email us at: info@ciphx.com. We'll set you up with a free preview account.
Need a custom PKI integration for your enterprise webservice? Or an OIDC multiuser data exchange for your customers? We can build that for you. Email us at: info@ciphx.com.
2023 Q4 2024 Q2 2024 Q4 ▨▨▨▨▨▦▦▤▤▤▤▤▤▤▤▤▤▤▤▤▤▤▤▤▣▣▣▣▣▣▣▣▣▣▣▣▣▣▣▣ ▨ ACME self- ▤ Multi-party billing service API ▦ Launch ▣ ML DPR integration for RAG